technique for determining a chain of individual functions associated with a service

ABSTRACT

A method and apparatus are provided for determining a chain of individual functions associated with a service. The functions are designed to be interconnected in order to supply the service to a client entity in a communications network. The method includes the following steps implemented by a determination device: receiving from an access node to the service a temporary chain of individual functions associated with the service requested by the client entity together with a context associated with the client entity; determining an action to be performed on the temporary chain of individual functions associated with the service as a function of the context associated with the client entity; implementing the determined action on the temporary chain in order to obtain a final chain of individual functions; and sending the final chain to the service access node. This method can be implemented for supplying the service to the client entity.

CROSS-REFERENCE TO RELATED APPLICATIONS

This Application is a Section 371 National Stage Application ofInternational Application No. PCT/FR2010/051211, filed Jun. 17, 2010,which is incorporated by reference in its entirety and published as WO2010/149898 on Dec. 29, 2010, not in English.

STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

None.

THE NAMES OF PARTIES TO A JOINT RESEARCH AGREEMENT

None.

FIELD OF THE DISCLOSURE

The disclosure lies in the field of telecommunications, and it relatesin particular to a technique for determining a chain of individualfunctions associated with a service.

BACKGROUND OF THE DISCLOSURE

In a communications network, a plurality of nodes may form an overlaynetwork and thus be connected to one another. By way of example, theoverlay network may be of the peer-to-peer type, referred to below as aP2P network. In such an overlay network, the nodes, referred to as“peers”, are interchangeable and possess capacities and responsibilitieswithin the network that are equivalent, in contrast to an architectureof the client-server type. Such an overlay network does not rely on itsown infrastructure, but on one or more communications networks that arealready in place. It makes use of the resources of said underlyingnetwork(s) but without necessarily having any knowledge of theirphysical topology(ies). A communications network is said to underlie theoverlay network.

The article entitled “Towards autonomic service control in nextgeneration networks” by A. Klenk et al. and published in the ICAS08Conference proposes a method of enabling a service to be introduced inautonomic manner in the overlay network. In an initial stage, anoperator seeking to offer access to the service and a supplier of theservice negotiate a contract prior to receiving a first request toimplement the service, with the contract, referred to as a “multimediatransport service agreement”, including at least one constraint forimplementing the service, e.g. a quality of service constraint. Thisfirst stage of negotiation serves to break down a service request into achain of individual functions. For example, such functions are a videostream transcoding function, an error correction function, awatermarking function, . . . . In a second stage, implemented when aservice access request is received from a client entity, nodes havingprocessing modules needed for implementing the individual functions arethen determined. Thereafter, depending on the result of thisdetermination, the interconnections that are needed between theprocessing modules are in turn determined, while taking account firstlyof the constraint(s) for implementing the service as specified in thecontract and secondly of the costs of implementing the service. During athird stage, the service is supplied to the client entity while usingthe connections between the processing modules as set up during thesecond stage.

Once the first negotiation stage has terminated, the chain of individualfunctions associated with the service is “frozen” and can no longer bemodified. Thus, a client entity requesting access to the service runsthe risk of being refused because of incompatibility between the cliententity's own quality of service constraint and those requested forimplementing the service. In order to accommodate client entitiespresenting different quality of service constraints, it is thennecessary to provide a distinct chain of individual functions for eachpotential quality of service constraint. Furthermore, the client entitymay make a mistake when selecting a service corresponding to thatentity's own quality of service constraint. The service can then not besupplied.

SUMMARY

In a first aspect, an embodiment of the invention provides a method ofdetermining a chain of individual functions associated with a service,said individual functions being designed to be interconnected in orderto provide said service to a client entity in a communications network,said method comprising the following steps implemented by adetermination device:

-   -   a step of receiving from an access node to said service a        temporary chain of individual functions associated with the        service requested by the client entity together with a context        associated with the client entity;    -   a step of determining an action to be performed on the temporary        chain of individual functions associated with the service as a        function of the context associated with the client entity;    -   a step of implementing the determined action on the temporary        chain in order to obtain a final chain of individual functions;        and    -   a step of sending the final chain to said service access node.

In order to implement the service to the client entity, it is necessaryto determine a chain of individual functions. The term “individualfunctions” is used for example to mean a transcoding function, ametering function, a legal interception function, a watermarkingfunction, . . . . Such an individual function is described by inputparameters, a function, and output parameters. The chain of individualfunctions then represents a string of processes to be implementedstarting from a device implementing the service and presenting certainoutput parameters and going to a client entity presenting certain inputparameters. Given that the temporary chain as initially defined duringthe contract negotiation stage is adapted by the method of an embodimentof the invention to match a context associated with the client entity,only one stage of negotiation is needed between the communicationsnetwork supplier and the service supplier. The client entity then nolonger needs itself to select a service identifier that is adapted tothe entity's own needs. Adaptation to those needs is performed inautonomic manner within the network. This serves to limit any risk oferror on the part of the client entity. The administration of variousservices is also simplified, since only one negotiation stage takesplace. It is thus possible to provide each client entity with access tothe service that has been matched to the client entity in autonomicmanner.

According to a particular characteristic, this action to be performedbelongs to the group comprising at least: a deletion; an addition; areplacement.

During adaptation, it may be necessary to add an individual function tothe temporary chain. For example, if the capacity of the client entityis not compatible with a video service, it is possible to add atranscoding function into the temporary chain. During the second stage,a communications network element offering the transcoding function isthen selected and participates in supplying the service to the cliententity during the third stage of implementing the service.

The adaptation may also involve deleting an individual function from thetemporary chain. For example, a metering function may be provided in thetemporary chain but may be found to be unnecessary for the client entitywhen its access is of the ADSL type or when said access takes placeduring a first utilization period.

The adaptation may also consist in modifying an individual function ofthe temporary chain. For example, a transcoding function may initiallybe provided but it may need to be modified as a function of the timeaccess is made to the service.

According to another particular characteristic, the context associatedwith the client entity belongs to the group comprising at least: anidentifier of the user of the client entity; a type of network access; atype of terminal.

The identifier of the user may be taken into account, e.g. for thepurpose of inserting a legal interception function into the temporarychain.

The type of the access network may be obtained by interrogating anetwork access session or connectivity session location and repositoryfunction (CLF) server. The information stored by that server can thus beused for adapting the chain of individual functions.

The type of terminal may be sent in the service access request. It isthen possible to adapt the chain of individual functions as a functionof the intrinsic characteristics of the terminal.

According to another particular characteristic, the method furtherincludes a step of verifying whether said client entity is authorized toaccess said service, the step of implementing the determined actionbeing executed when the client entity is authorized to access theservice.

Since access authorization is verified before the step of performing thedetermined action, the method may be stopped when the client entity isnot authorized to access the service. This avoids postponing thedecision to after resources have already been reserved in the network.

According to another particular characteristic, the method also includesa step of obtaining at least one rule relating to the context associatedwith the client entity, and in which the action to be performed on thetemporary chain is also determined as a function of said rule.

It is possible to store rules in a database, the rules relating tocontexts that are associated with the client entity. By way of example,these may be rules for applying to different client entities, rules thatdepend on the operator of the communications network, rules that dependon the service. Thus, the determination device interrogates the databasein order to obtain the rules that are to be applied for the context thatis associated with the client entity.

In a second aspect, an embodiment of the invention provides adetermination device for determining a chain of individual functionsassociated with a service, said individual functions being designed tobe interconnected in order to supply said messages to a client entity ina communications network, said device comprising:

-   -   receiver means for receiving from an access node to said service        a temporary chain of individual functions associated with the        service requested by the client entity, together with a context        associated with the client entity;    -   determination means for determining an action to be performed on        the temporary chain of individual functions associated with the        service, as a function of the context associated with the client        entity;    -   implementation means for implementing the determined action on        the temporary chain in order to obtain a final chain of        individual functions; and    -   sender means for sending the final chain to said service access        node.

In a third aspect, an embodiment of the invention provides a serviceaccess node comprising:

-   -   receiver means for receiving from a client entity a service        access request, said request including a context associated with        the client entity;    -   obtaining means for obtaining a temporary chain of individual        functions associated with said service;    -   sender means for sending to a device for determining a chain of        individual functions a temporary chain of individual functions        associated with the service together with a context associated        with the client entity; and    -   receiver means for receiving from said device a final chain of        individual functions.

In a fourth aspect, an embodiment of the invention provides a system forprocessing a service access request made by a client entity, the systemcomprising at least one service access node and a determination devicefor determining a chain of individual functions associated with aservice, as described above.

In a fifth aspect, an embodiment of the invention provides a computerprogram including instructions for implementing the method as describedabove for determining a chain of individual functions associated with aservice by means of a determination device when the program is executedby a processor.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure can be better understood from the following descriptionof a particular implementation of the method, given with reference tothe accompanying drawings, in which:

FIG. 1 shows a system for processing a request for access to a servicein its environment, in a particular implementation of the invention;

FIG. 2 shows the steps of the method of the invention in a particularimplementation;

FIG. 3 shows a device for determining a chain of individual functionsassociated with a service in a particular embodiment of the invention;and

FIG. 4 shows a service access node in a particular embodiment of theinvention.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

A system 1 for processing a request for access to a service in acommunications network is shown diagrammatically in FIG. 1. The system 1comprises a plurality of access nodes to that service referenced SBN-1,. . . , SBN-N for “service bootstrap node”. A terminal N is also shownin FIG. 1. Below, the term “client entity” is used to designate theterminal N or the user U of the terminal N. In an embodiment of theinvention, the system 1 also includes an access control entityreferenced IF-OPAC for “interface overlay proxy access control”, whichentity is administered by the operator giving access to the service.This access control entity IF-OPAC comprises in particular a device 100for determining a chain of individual functions. The access controlentity IF-OPAC is arranged to interrogate a database Pol-DB that storesrules relating to the client entities, rules associated with theoperator of the communications network, and rules associated with theservice. These rules may be stored in a single database or they may bestored in distinct databases. A rule relating to the client entity mayfor example be adding an individual function conditionally, depending onan access type. A rule relating to the service serves to specifyconditions for access to the service, in particular who is authorized toaccess the service, when can the service be accessed, from where can theservices be accessed, which users are authorized. A rule associated withthe operator of the communications network serves to specify conditionsfor accessing the resources of the network. By way of example, this mayinvolve a maximum authorized data rate in the communications networkthat differs depending on the user, or on a time of access to theservice. Still as non-limiting examples, access to the resources of thecommunications network may be available only to users of the network,the access network used by the client entity does not accept roamingclient entities, the resources available for roaming users are limitedto certain data rates in the down direction or in the up direction afterimplementing an authorization procedure, whereas non-roaming users arenot limited, . . . .

A portal P is also shown and, for a given service S, it stores a serviceidentifier SID and addresses of access nodes to the service SBN.

In order to enable the client entity to access the service S, a chain ofindividual functions TSID needs to be determined. According to thearticle entitled “Towards autonomic service control in next generationnetworks” by A. Klenk et al. and published in the ICAS08 Conference,such a chain of individual functions is defined during the stage ofnegotiation between the service supplier and the telecommunicationsnetwork supplier. At the end of the negotiation stage, the service isdefined by:

-   -   a unique service identifier SID;    -   a set of individual data-processing functions P_(SID); and    -   a set of constraints associated with the service C_(SID). These        constraints comprise parameters associated with the service and        authorizations for access to the service. By way of example, the        parameters associated with the service are the place of access,        the time of access, the manner of access, and quality of service        parameters, such as a maximum acceptable cost, a maximum        acceptable delay, a required passband, . . . . The constraints        may also be specified between the elements of the processing        chain.

This information that as a whole defines the service identified by theservice identifier SID is referred to below as a processing chaintemplate. It comprises an ordered chain of individual functions P_(i).

An individual data-processing function is represented in the form of atriplet (I, P, O) where I represents the input format that theprocessing function P can process, and O represents the output formatthat results from implementing the processing function P. When any inputformat is acceptable, this is represented by the character “*”. By wayof example, an individual function P_(i) is a legal interception, alocalization function, a watermarking function, a transcoding function,a cache function, a network address translation (NAT) function, a deeppacket inspection (DPI) function, a presence function, abridge-conference function. This list is naturally not exhaustive.Below, this chain of individual functions is written as follows:

(I_(MS),O_(MS))˜(I,P₁,O)˜(I,P₂,O)˜ . . . (*,P_(i),O)˜(I_(MC),O_(MC))

where MS represents the service and MC represents the client entity.

There follows a description of the process for determining a chain ofindividual functions in a particular implementation, given withreference to FIG. 2.

A prior negotiation stage is implemented between the operator seeking tooffer access to the service and the service supplier S, and this leadsto defining a temporary processing chain template, referred to below asa temporary chain.

The client entity N seeking access to a service S initially contacts theportal P in order to obtain the service identifier SID and the addressesof access nodes SBN to the service. Thereafter, the client entity Nselects an access node SBN-1 to the service and sends a request M1 toaccess the service S to said selected access node. This access requestM1 (SID, Cap, UserID) comprises an identifier of the service SID, thecapacities Cap of the client entity, and an identifier UserID of theuser of the client entity.

The access request M1 is received by the service access node SBN-1 in astep E1 of the method. Still in this step E1, the service access nodeSBN-1 obtains a chain of individual functions associated with theservice. According to an embodiment of the invention, this chain is atemporary chain, written DTSID, and it is determined between the networksupplier and the service supplier during the negotiation stage. Theaccess node SBN-1 then sends a message M2 to the access control entityIF-OPAC. The message M2 (SID, DTSID, Cap, UserID) contains the elementsof the message M1 together with the temporary chain of individualfunctions.

The message M2 is received by the access control entity IF-OPAC in astep F1. The access control entity IF-OPAC then sends a request M3 tothe database Pol-DB, which request comprises a service identifier SIDand a context associated with the client entity. A context associatedwith the client entity may, for example, be an identifier of the user ofthe client entity, user ID, and the capacities of the client entity. Thecontext may equally well be a type of access network, obtained byinterrogating a network access session server or CLF. Such a serverserves to collect information about user sessions at access-networklevel. In particular it stores an association between an address of theterminal and geographical location information of the correspondingnetwork, together with characteristics about the access (up rate, downrate, physical characteristics of the line). A response M4 is receivedfrom the rule database Pol-DB, containing at least a rule relating tothe client entity. The response M4 may also include rules associatedwith the communications network operator, and rules associated with theservice.

In a step F2 of determining actions to be performed on the temporarychain, the access control entity IF-OPAC begins by verifying that theclient entity N is authorized to access the service. If the cliententity is not authorized to access the service, then the service accessrequest is rejected. This rejection is transmitted to the access nodeSBN-1 which then notifies the client entity.

Verifying authorization to access the service in this way thus enablesunauthorized client entities to be rejected at once, instead of waitingfor the service to be put into operation. This serves to economize theresources of the overlay network, and thus of the underlyingcommunications network.

If the client entity is authorized to access the service, still duringthis step F2 of the method, the access control entity IF-OPAC determinesone or more actions to be performed on the temporary chain as a functionof rules relating to the context associated with the client entity.

The actions that may be performed on the temporary chain of individualfunctions DTSID may be the following, for example:

-   -   adding an individual function after some other individual        function;    -   deleting an individual function;    -   replacing an individual function;    -   adding an individual function to the end of the chain; and    -   adding an individual function to the beginning of the chain.

At the end of this step F2 of the method, the service access controlentity IF-OPAC may thus determine that:

-   -   access to the service for said client entity is not authorized,        e.g. because of a context associated with the client that is not        compatible with the service;    -   access to the service for said client entity is authorized        without modifying the temporary chain; or    -   access to the service for said client entity is authorized but        with the temporary chain being modified as a function of one or        more actions to be performed that are determined during this        step F2.

If one or more actions to be performed have been determined, then duringa step F3 of implementing this or these actions, the access controlentity IF-OPAC implements the action(s) to be performed on the temporarychain in order to obtain a final chain of individual functions. Thechain of individual functions is thus adapted as a function of thecontext associated with the client entity. Thus, the client entity N canobtain the requested service, even if the constraints on that clientwere not initially compatible with the constraints of the service. Thisalso avoids providing a plurality of individual function chains, witheach of those chains being associated with a given client entityprofile. Failures associated with poor selection by the client entityare thus avoided. The service adapts in autonomous manner as a functionof the context associated with the client entity.

If no action is determined, then the temporary chain becomes the finalchain.

In all events, still during this step F3, the access control entityIF-OPAC sends a response message M5 to the service access node SBN-1,the message including the final chain of individual functions forimplementing in the overlay network in order to provide the service tothe client entity.

These steps F2 and F3 may be performed by using a language specificationsuch as extensible access control markup language (XACML). Such aspecification defines a language for controlling access, forinterchanging rules, and for administering the security policy ofinformation systems. It is possible to generate internally anauthorization request for each element of the temporary chain and toobtain in return an authorization response comprising one or moreactions to be performed that are determined as a function of the rulesobtained from the database Pol-DB. These response messages are thenprocessed during the step F3. Optionally, it is also possible to usesuch a language specification to certify the information sent by theclient entity or obtained by a third-party supplier entity and make thetransactions secure, as described in the article “Secure stateless trustnegotiation” by A. Klenk et al., published in the 2009 N2S Conference.

Once the final chain of individual functions has been determined, stepssuch as those described in the above-mentioned article are thenperformed by the service access node SBN in order to search in theoverlay network for nodes that propose the required individual functionsand such that the connections between the various nodes make it possibleto comply with the constraints associated with the chain of individualfunctions.

As an illustrative example, there follows a description of theimplementation of a video service using such a method. It should beunderstood that the method is not restricted to this example.

The stage of negotiation between the communications network supplier andthe supplier of a high definition video service has led to a temporarychain of individual functions being registered in the service accessnode SBN-1. The published service makes available a film F presentingthe following characteristics: audio/video codec H.264, resolution highdefinition (HD), video passband 7 megabits per second (Mb/s), audiopassband 256 kilobits per second (kb/s), delay 500 milliseconds (ms).These characteristics are associated with a profile referenced 200. Aclient entity “alice@orange.fr” transmits an access request to theservice, including its own characteristics. By way of example, these maybe: audio/video codec MPEG-4, resolution quarter common intermediateformat (QCIF), video passband 200 kb/s, audio passband 56 kb/s, delay500 ms. These characteristics are associated with a profile referenced3000.

The service access node SBN-1 then sends a request M2 comprising thefollowing temporary chain of individual functions (alice@orange.fr,3000)˜(200, F).

The access control entity IF-OPAC then verifies in step F2 that theclient entity N is indeed authorized to access the service, and thendetermines that a transcoding function TC needs to be added in thetemporary chain. At the end of the step F3, the final chain is then(alice@orange.fr, 3000)˜(3000, TC, 200)˜(200, F).

It should thus be observed that there is no need to negotiate a servicesupply contract for each possible user profile. A single negotiationstage suffices, the temporary chain at the end of the negotiation thenbeing adapted as a function of the context associated with the cliententity.

It is emphasized at this point that the temporary chain for a cliententity of profile 200 is directly the final chain.

A device 100 for determining an individual function chain associatedwith a service is described below with reference to FIG. 3.

Such a device 100 comprises:

-   -   a receiver module 102 for receiving from a service access node a        temporary chain of individual functions associated with the        service requested by a client entity and a context associated        with the client entity;    -   a determination module 104 for determining an action to be        performed on the temporary chain as a function of the context        associated with the client entity;    -   an implementation module 106 for implementing the determined        action on the temporary chain in order to obtain a final chain;        and    -   a sender module 108 for sending the final chain to the service        access node.

The module 104 is also arranged to interrogate the database Pol-BD for acontext associated with the client entity and to receive in return atleast one rule relating to that context.

The device 100 for determining a chain of individual functions isdesigned to be incorporated in the access control entity IF-OPAC.

A service access node SBN-1, SBN-N, 200 as shown in FIG. 4 comprises:

-   -   a receiver module 202 for receiving from a client entity a        request to access the service, said request including a context        associated with the client entity;    -   an obtaining module 204 for obtaining a temporary chain of        individual functions associated with said service;    -   a sender module 206 for sending to a device for determining a        chain of individual functions a temporary chain together with a        context associated with the client entity; and    -   a receiver module 208 for receiving from said device a final        chain of individual functions.

The modules 202, 204, 206, and 208 are arranged to implement theabove-described method of determining a chain of individual functions.It preferably comprises software modules including software instructionsfor executing the steps of the above-described determination method whenimplemented by the device for determining a chain of individualfunctions. An embodiment of the invention thus also provides:

-   -   a program for a device for determining a chain of individual        functions, the program including program code instructions for        controlling the execution of the steps of the above-described        determination method when said program is executed by said        device; and    -   a recording medium readable by a device for determining a chain        of individual functions and having recorded thereon the program        for a device.

The software modules may be stored in or transmitted by a data medium.The medium may be hardware storage medium such as, for example a compactdisk read only memory (CD-ROM), a magnetic floppy disk, or a hard disk,or indeed a transmission medium such as an electrical, optical, or radiosignal, or a telecommunications network.

An embodiment of the invention also provides the system 1 for processinga request for access to a service made by a client entity N, the systemcomprising at least one service access node SBN-1, SBN-N, 200 and adevice IF-OPAC, 100 for determining a chain of individual functionsassociated with a service, as described above.

Although the present disclosure has been described with reference to oneor more examples, workers skilled in the art will recognize that changesmay be made in form and detail without departing from the scope of thedisclosure and/or the appended claims.

1. A method of determining a chain of individual functions associatedwith a service, said individual functions being designed to beinterconnected in order to provide said service to a client entity in acommunications network, said method comprising the following stepsimplemented by a determination device: a step of receiving from anaccess node to said service a temporary chain of individual functionsassociated with the service requested by the client entity together witha context associated with the client entity; a step of determining anaction to be performed on the temporary chain of individual functionsassociated with the service as a function of the context associated withthe client entity; a step of implementing the determined action on thetemporary chain in order to obtain a final chain of individualfunctions; and a step of sending the final chain to said service accessnode.
 2. The method according to claim 1, wherein said action to beperformed belongs to the group comprising at least: a deletion; anaddition; a replacement.
 3. The method according to claim 1, wherein thecontext associated with the client entity belongs to the groupcomprising at least: an identifier of the user of the client entity; atype of network access; a type of terminal.
 4. The method according toclaim 1, including a step of verifying whether said client entity isauthorized to access said service, the step of implementing thedetermined action being executed when the client entity is authorized toaccess the service.
 5. A method according to claim 1, further includinga step of obtaining at least one rule relating to the context associatedwith the client entity, and in which the action to be performed on thetemporary chain is also determined as a function of said rule.
 6. Adetermination device for determining a chain of individual functionsassociated with a service, said individual functions being designed tobe interconnected in order to supply said messages to a client entity ina communications network, said device comprising: receiver means forreceiving from an access node to said service a temporary chain ofindividual functions associated with the service requested by the cliententity, together with a context associated with the client entity;determination means for determining an action to be performed on thetemporary chain of individual functions associated with the service, asa function of the context associated with the client entity;implementation means for implementing the determined action on thetemporary chain in order to obtain a final chain of individualfunctions; and sender means for sending the final chain to said serviceaccess node.
 7. A service access node comprising: receiver means forreceiving from a client entity a service access request, said requestincluding a context associated with the client entity; obtaining meansfor obtaining a temporary chain of individual functions associated withsaid service; sender means for sending to a device, for determining achain of individual functions, a temporary chain of individual functionstogether with a context associated with the client entity; and receivermeans for receiving from said device a final chain of individualfunctions.
 8. A system for processing a service access request made by aclient entity, the system comprising: at least one service access nodecomprising: receiver means for receiving from a client entity a serviceaccess request, said request including a context associated with theclient entity; obtaining means for obtaining a temporary chain ofindividual functions associated with said service; sender means forsending a temporary chain of individual functions together with acontext associated with the client entity; and receiver means forreceiving a final chain of individual functions; and a determinationdevice comprising: receiver means for receiving from said service accessnode the temporary chain of individual functions associated with theservice access request, together with the context associated with theclient entity; determination means for determining an action to beperformed on the temporary chain of individual functions associated withthe service access request, as a function of the context associated withthe client entity; implementation means for implementing the determinedaction on the temporary chain in order to obtain a final chain ofindividual functions; and sender means for sending the final chain tosaid service access node.
 9. A system according to claim 8 forprocessing an access request, the system further including a databasestoring at least rules relating to context associated with cliententities.
 10. A hardware storage medium comprising a computer programstored thereon and including instructions for implementing a method fordetermining a chain of individual functions associated with a service bymeans of a determination device when the program is executed by aprocessor, said individual functions being designed to be interconnectedin order to provide said service to a client entity in a communicationsnetwork, wherein the method comprises: a step of receiving from anaccess node to said service a temporary chain of individual functionsassociated with the service requested by the client entity together witha context associated with the client entity; a step of determining anaction to be performed on the temporary chain of individual functionsassociated with the service as a function of the context associated withthe client entity; a step of implementing the determined action on thetemporary chain in order to obtain a final chain of individualfunctions; and a step of sending the final chain to said service accessnode.